Suddenly, *only with Firefox* all computers in the house show (Error code: ssl_error_rx_record_too_long) when trying to access any Google product.
Today, all laptops in the house (latest ver of FF) began throwing the error:
(Error code: ssl_error_rx_record_too_long)
When trying to access any Google products: gmail, Google+, analytics, Google website, etc
Solução escolhida
Make sure to reset the security.tls.version.max pref to 1 if you have previously changed this pref to 0 to disable TLS 1.0
Ler esta resposta no contexto 👍 6Todas as respostas (20)
Yes, I am a Surrey customer as well.
Replicated problem on Firefox 25.0, 24.0, 23.0.1, and WaterFox 24.0 (64bit variant of FF)
Maple Ridge checking in, same problem. Also, girlfriend in Surrey with the same issue.
Firefox is able to access any website EXCEPT anything Google or Facebook.
Internet Explorer works fine.
Thanks all for reporting! I'm a Canadian contributor here in Edmonton, Alberta. I'm not using Shaw but Telus. I'll see what I can get out of Shaw when I contact them.
I just had my friend here using Shaw check for me to see if we're affected but he can access his gmail fine so it's a local area issue but I'll still try to knock something out of them.
Modificado por Andrew a
Checking in from Surrey BC, I am on Shaw and have the same issue. My Firefox auto-updated to 25.0 while I was trying to get onto Facebook. I used Ixquick to search for the error (coudn't use Google!) but found no useful information. The most common suggestion was "fix the date and time on your computer", but my date and time are perfectly correct. Other suggestions said to go to http://... instead of https://..., but when I tried that, Firefox inserted the "S" and went to https://... anyway - resulting in the same error. I've changed my proxy setting in Firefox to "no proxy", no luck there. Anyone have any other tips? Or are we all convinced now that it's Shaw's problem and we have to wait for them to fix it themselves?
Hello,
Can somebody who is affected by this issue post the output of a traceroute to one of the affected sites. I'd like to try figure out the cause to see if it's a bug in Firefox since the other browser's aren't affected. Instructions for Windows::
- Press the Windows key + r to get the run dialog
- Type 'cmd' hit enter
- Type 'tracert www.google.ca' and hit enter
- When it completes and says 'Trace complete', copy the output to the forum or take a screeshot. (right-click > Select All followed by right-click Copy and then trim the copyright stuff.)
Here's the trace for www.facebook.com. I'll do one for google.ca and post it in a moment.
tracert www.facebook.com
Tracing route to star.c10r.facebook.com [31.13.76.49] over a maximum of 30 hops:
1 * * * Request timed out. 2 * * * Request timed out. 3 * 16 ms 16 ms gw12fl-f2.vs.shawcable.net [64.59.147.185] 4 * 14 ms 15 ms rc2bb-tge0-13-0-3.vc.shawcable.net [66.163.69.77
]
5 * 28 ms 15 ms rc5wt-pos0-0-1-0.wa.shawcable.net [66.163.76.126
]
6 * 13 ms * SIX1.PR01.SEA1.tfbnw.net [206.81.80.181] 7 15 ms 15 ms 17 ms ae2.bb01.sea1.tfbnw.net [74.119.78.77] 8 19 ms 13 ms 15 ms ae1.pr02.sea1.tfbnw.net [74.119.79.27] 9 * * * Request timed out. 10 17 ms 15 ms 15 ms edge-star-shv-06-sea1.facebook.com [31.13.76.49]
Trace complete.
It is most likely not a FireFox bug, since this problem can currently be replicated on previous versions of FF which used to work as long as you are in not the affected area/IP range.
Modificado por olwince a
And here's the trace for www.google.ca
C:\WINDOWS\SYSTEM32>tracert www.google.ca
Tracing route to www.google.ca [173.194.33.87] over a maximum of 30 hops:
1 1 ms * 1 ms 192.168.1.1 2 * * * Request timed out. 3 16 ms 16 ms 14 ms gw12fl-f2.vs.shawcable.net [64.59.147.185] 4 * 13 ms 15 ms rc2bb-tge0-13-0-3.vc.shawcable.net [66.163.69.77
]
5 17 ms 15 ms 16 ms rc5wt-pos0-0-1-0.wa.shawcable.net [66.163.76.126
]
6 14 ms 15 ms 15 ms 72.14.195.242 7 15 ms 16 ms * 66.249.94.212 8 24 ms 17 ms 16 ms 209.85.244.59 9 15 ms 15 ms 13 ms sea09s15-in-f23.1e100.net [173.194.33.87]
Trace complete.
C:\WINDOWS\SYSTEM32>
@olwince, there has to be a reason why it works in other browsers though. I'm trying to see if there is something Firefox could do differently to handle this.
Thanks @umpiredice, it's working from here to connect to the websites over those IP addresses so I can't get much more information from that.
I have contact Shaw Tech Support. The agent is from the Nanaimo office.
Annemarie said: The only information I have about a suggestion trying to resolve the issue is checking if updating an out of date version of the browser resolves the issue, but otherwise we are asking our representatives to collect examples from our customers who are having these issues, if they contact us.
After I told them that our users are on the latest version I was told this:
"I know that for Shaw internet customers contacting us who are having issues, if we can't resolve the agents should be collecting information and providing to our operations team, who would then be working towards locating the source of the issue and any resolution that would be made on our side, if possible"
She continues on to say: "We haven't seen any other updates other than the request to collect and submit examples earlier this evening, so I don't know how close operations would be to finding any sort of resolution or work around for this issue."
When ask for an ETA: Operations would provide us with an update when they have any news for us, but there is no way of knowing how long that would be, unfortunately.
And when asked how far the population is affected and about providing information after hearing an automated message this was provided:
We don't have any information as to whether the issue as reported from customers so far is contained within any particular region, or if it has been reported nation wide. For each customer we do speak with who is experiencing the issue, we would be collecting the account number, modem type, chassis through which they connect on our network, and the browser/version number and whether updating an out of date browser resolves the issue, as well as examples of urls for which they are receiving the error message.
At the end I was provided a link to a user that reported on the shaw forums: https://community.shaw.ca/message/51905#51905
I too am with Shaw and from South Surrey and this problem just started happening today. Lattely shaw's internet has been disconecting then reconecting mostly durring Battlefield 4. I'm glad to know its a problem on thier part.
If more affected customers provide the information being requested over Twitter and in their forums, they may be able to resolve it sooner. It seems like they were still looking for information 20 minutes ago.
Modificado por Matt N. a
@feer56 Thanks for link :)
goto about:config set security.tls.version to 0
I'm in Surrey and got this from Shaw about 30 min ago They claimed it's a problem with firefox and to contact firefox I guess it only effects Firefox in Surrey? LOL
BTW using google IP address works. Something screwy in the DNS?
@GaryGS yes disabling TLS support would make it work temporary, but never trust call center rep when they claim problem is not on their end)
Here is article about the meaning of different values.
When I go to about:config, there is no preference name called "security.tls.version". There are, however, two called "security.tls.version.max" (currently set to 1) and "security.tls.version.min" (currently set to 0). Should I be changing one or both of these?
@umpiredice change security.tls.version.max to 0
Posted workaround on Shaw Support thread , thanks GaryGS.
Modificado por olwince a
Thanks Olwince, that worked.
For Google, entering "173.194.33.87" instead of "www.google.ca" worked. But using the IP address for Facebook didn't - both 31.13.76.49 and 173.252.110.27 failed with the same error message. (That was before I disabled TLS.)
So, disabling TLS is a temporary measure, is it? Do I need to change it back once Shaw have got the problem fixed at their end?
Modificado por umpiredice a
Yes, the security.tls.version.max preference should be reset once Shaw has fixed this as I believe this workaround makes secure connections somewhat less secure.
Modificado por Matt N. a